Subject: Re: [netatalk-admins] Netatalk users (nu PERL script)
From: Jamie Biggar (jamie@scifi.com)
Date: Wed Mar 03 1999 - 10:46:13 EST
At 8:47am on Tue, 2 Mar 1999, Erik Ohlin wrote:
> Does anyone know of any way to report the IP address or MAC (IEEE)
> address of the users logged into afpd? I didn't see any options in ps
> that returned this info. Would it be possible to grep that from the
> syslog?
I tried doing something with 'netstat -et | grep afpovertcp' but it was
difficult to pair those with process numbers (thus usernames from 'ps
-aux') unless frequent reboots "ensured" you never rolled over with port
numbers or PIDs meaning sort order would be maintained. It also assumed
everyone was using TCP not DDP.
I briefly investigated doing something with 'lsof', but I decided that my
own occassional needs were well enough met by just manually using netstat
and ps and didn't justify spending any more time. If your needs are more
pressing, I think that lsof would give you the socket-to-pid matching
you'd need to know who from where.
Adrian, have you considered setting argv[0] as some FTPd children do to
indicate UID/remote address information? Is it difficult and/or
considered a security risk?
-Jamie
This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:16:23 EST